Sound advice on AML: It’s all about the risk
Richard Simms highlights the salient points from the FATF Guidance on a Risk Based Approach (RBA) for the accounting profession.
The Financial Action Task Force (FATF) is an inter-governmental body that sets the standards for combatting money laundering, terrorist financing and related threats. In June 2008, FATF issued their guidance for accountants on the Risk Based Approach. In June 2019, a revised set of guidance was issued. The guidance is for “professional accountants in public practice”. A revised guide for Trust and Company Service Providers (TCSP) has also been issued. The guide is written at high level to have a broad application across the sector. I’ll use the expression ‘firm’ to refer to sole practitioners or larger practices.
I would recommend downloading a copy and reading through the guidance. The co-chair of the drafting group is the head of OPBAS. If you’re not familiar with OPBAS, do take few minutes to look them up. The guidance doesn’t override the UK guidance and regulations, but the good news is that many of the recommended steps already apply to the UK accountancy sector.
The guidance is 74 pages long so this is a very short-form version; in future articles I’ll focus on specific sections.
• A firm should not accept an engagement if it is not within their competence, risk appetite or comfort zone.
• A firm must build AML expertise internally and exercise sound professional judgement. This will prevent the possibility that the firm is unable to make risk-based judgements that could lead to a ‘tick-box’ approach to AML risk mitigation and management, which in turn could mean an incorrect assessment of the level of risk. Hence the need for up-to-date training is essential. The risk of relying on self-reported publicly available information is flagged; beneficial ownership information held at Companies House is an example of this.
• Once a firm has identified a risk it’s essential to understand how it could impact the firm. A firm should avoid just gathering information without proper analysis and understanding. It is recognised that a risk-sensitive approach doesn’t mean that all firms risk control policies and procedures will be identical.
• The risks of shell companies are well documented and the risk of ‘shelf companies’ are explained. A company that has sat dormant for some time that becomes active could be used to give the impression of longevity of a business that is not the case.
• The credibility that firms bring when they add their name to accounts and financial records has been highlighted as a reason that criminals may be drawn to use accountants. This, along with the structuring of a criminal’s affairs, can distance ownership of assets from evidence of their source as proceeds of crime. Tax planning may be used to minimise future liabilities. From a personal perspective, the risk of falsified accounts would surely be enough to ensure that source documentation is seen when preparing accounts.
• It is important to consider all available information when completing a risk assessment for the firm or for a client. This includes client sourced, local, national and supra-national sources.
Though many potential risk areas are highlighted within the guidance, and discussion is given to the many differing roles of accountants in practice, it’s clear that the need to exercise professional judgement, based on the firm’s understanding of AML (and this is not an if or maybe) and to avoid not being able to make key-risk based decisions, is the crux of the matter.
AML remains within the reach of all accountancy firms. Yes, there is a resource commitment that may not been feel as though it’s being immediately rewarded.
However, as the regulatory environment continues to invest in its own AML skills, knowledge and expertise, a firm that is not engaging fully with AML will not get away with it for much longer.
By Richard Simms